Squid Dynamic ACL
I have squid setup up running and I want to add IP addresses to a text file and load that into the squid config. Then I can just add a new IP address to the file and it will work without restarting the service.
I have tried this in the config but it is not working:
acl localnet src "path/to/file/trusted_ip.txt"
obviously I changed the path to the correct one!
Am I missing something? The txt file has only one ip address init that I am using to test with:
If i add this line:
acl localnet src 10.143.20.96/255.255.255.255
It works perfectly however, the ip address will be random and i do not want to have to restart the squid service.
Is this possible?
Yes, it's possible but you still have to tell squid to re-read its config file. Either run 'squid -k reconfigure' or send a HUP signal to the running process.
What I do is have a background process running which watches the text file and sends squid a HUP (that's the Unix 'Hang Up' signal) whenever the file's timestamp changes.
Thanks for the reply, When I point the conf at the txt file it does not work. If I enter the IP into the conf file directly it works.
Is there anything special I need to do to get IP addresses working from an external file?
slash notation should just be /255 no?
whut? No. 255.255.255.255 = /32.
Originally Posted by nicklec
Classless Inter-Domain Routing - Wikipedia, the free encyclopedia
Yeah sorry confused myself, have you added the line below the acl, "http_access allow aclname"?
Originally Posted by powdarrmonkey
Have you made sure that the running squid process has permission to read the trusted_ip.txt file?
It defiantly has permissions to view it. it is very strange that putting it directly in the config works but the txt doesn't!
Not sure what to try next!
all working now i started again from scratch and its fine!